Mega Dose
 
 

Special Offers see all

Enter to WIN a $100 Credit

Subscribe to PowellsBooks.news
for a chance to win.
Privacy Policy

Tour our stores


    Recently Viewed clear list


    Interviews | September 2, 2014

    Jill Owens: IMG David Mitchell: The Powells.com Interview



    David Mitchell's newest mind-bending, time-skipping novel may be his most accomplished work yet. Written in six sections, one per decade, The Bone... Continue »

    spacer
Qualifying orders ship free.
$31.00
Used Trade Paper
Ships in 1 to 3 days
Add to Wishlist
Qty Store Section
1 Burnside Networking- Computer Security

More copies of this ISBN

Securing PHP Web Applications (For Mere Mortals)

by

Securing PHP Web Applications (For Mere Mortals) Cover

 

Synopses & Reviews

Publisher Comments:

Easy, Powerful Code Security Techniques for Every PHP Developer

 

Hackers specifically target PHP Web applications. Why? Because they know many of these apps are written by programmers with little or no experience or training in software security. Don’t be victimized. Securing PHP Web Applications will help you master the specific techniques, skills, and best practices you need to write rock-solid PHP code and harden the PHP software you’re already using.

 

Drawing on more than fifteen years of experience in Web development, security, and training, Tricia and William Ballad show how security flaws can find their way into PHP code, and they identify the most common security mistakes made by PHP developers. The authors present practical, specific solutions–techniques that are surprisingly easy to understand and use, no matter what level of PHP programming expertise you have.

 

Securing PHP Web Applications covers the most important aspects of PHP code security, from error handling and buffer overflows to input validation and filesystem access. The authors explode the myths that discourage PHP programmers from attempting to secure their code and teach you how to instinctively write more secure code without compromising your software’s performance or your own productivity.

 

Coverage includes

  • Designing secure applications from the very beginning–and plugging holes in applications you can’t rewrite from scratch
  • Defending against session hijacking, fixation, and poisoning attacks that PHP can’t resist on its own
  • Securing the servers your PHP code runs on, including specific guidance for Apache, MySQL, IIS/SQL Server, and more
  • Enforcing strict authentication and making the most of encryption
  • Preventing dangerous cross-site scripting (XSS) attacks
  • Systematically testing yourapplications for security, including detailed discussions of exploit testing and PHP test automation
  • Addressing known vulnerabilities in the third-party applications you’re already running

Tricia and William Ballad demystify PHP security by presenting realistic scenarios and code examples, practical checklists, detailed visuals, and more. Whether you write Web applications professionally or casually, or simply use someone else’s PHP scripts, you need this book–and you need it now, before the hackers find you!

Book News Annotation:

T. Ballad, a web developer and noted technology writer, has teamed with W. Ballad, an expert in information technology, to provide this guide to blocking hackers in PHP web applications. Designed specifically for web developers who have little or no experience in software security, this book offer explicit instructions on how to write "rock-solid" code that will defend a PHP application against session hijacking, fixation, poisoning attacks and other security breaches. Code examples, real-life scenarios and practical checklists are also included to ensure the enforcement of strict authentification and file system access. Annotation ©2009 Book News, Inc., Portland, OR (booknews.com)

About the Author

Tricia Ballad spent several years as a Web applications developer on the LAMP (Linux, Apache, MySQL, PHP/Perl) platform before becoming a full-time writer and technical editor. She currently writes online courseware on various technology topics.

 

William Ballad has worked in every aspect and at all levels of information technology, from hardware maintenance at a small mom-and-pop ISP to architect of Windows-based and heterogeneous networks at some of the world’s largest corporations. An active member of the IT security community for many years, he recently led an effort to counter an international hacker group exploiting OptionCart, a widely used e-commerce system.

 

The Ballads have collaborated on several Web development books, including PHP & MySQL Web Development All-in-One Desk Reference for Dummies (Wiley Publishing, 2008).

Table of Contents

Part I: Web Development Is a Blood Sport–Don’t Wander onto the Field without a Helmet

Chapter 1: Security Is a Server Issue and Other Myths

 

Part II: Is That Hole Really Big Enough to Drive a Truck Through?

Chapter 2: Error HandlingChapter 3: System Calls

 

Part III: What’s in a Name?  More than You Expect

Chapter 4: Buffer Overflows and Variable Sanitation

Chapter 5: Input Validation

Chapter 6: Filesystem Access: Accessing the Filesystem for Fun and Profit

 

Part IV: “Aw, Come On, Man, You Can Trust Me”

Chapter 7: Authentication

Chapter 8: Encryption

Chapter 9: Session Security

Chapter 10: Cross-Site Scripting

 

Part V: Locking Up for the Night

Chapter 11: Securing Apache and MySQL

Chapter 12: Securing IIS and SQL Server

Chapter 13: Securing PHP on the Server

Chapter 14: Introduction to Automated Testing

Chapter 15: Introduction to Exploit Testing

 

Part VI: “Don’t Get Hacked” Is Not a Viable Security Policy

Chapter 16: Plan A: Designing a Secure Application from the Beginning

Chapter 17: Plan B: Plugging the Holes in Your Existing Application

 

Epilogue

 

Appendix A

 

Glossary

Index

Product Details

ISBN:
9780321534347
Author:
Ballad, Tricia
Publisher:
Addison-Wesley Professional
Author:
Ballad, William
Subject:
Application software
Subject:
Computer programs
Subject:
Internet - Security
Subject:
Security - General
Subject:
Application software -- Development.
Subject:
PHP (Computer program language)
Subject:
Internet - General
Copyright:
Edition Description:
Trade paper
Series:
For Mere Mortals
Publication Date:
December 2008
Binding:
TRADE PAPER
Grade Level:
Professional and scholarly
Language:
English
Illustrations:
Y
Pages:
336
Dimensions:
9.19 x 7 x 0.729 in 528 gr

Related Subjects

Computers and Internet » Internet » General
Computers and Internet » Internet » Information
Computers and Internet » Internet » Web » Site Design
Computers and Internet » Networking » Computer Security
Computers and Internet » Software Engineering » General

Securing PHP Web Applications (For Mere Mortals) Used Trade Paper
0 stars - 0 reviews
$31.00 In Stock
Product details 336 pages Addison-Wesley Professional - English 9780321534347 Reviews:
spacer
spacer
  • back to top

FOLLOW US ON...

     
Powell's City of Books is an independent bookstore in Portland, Oregon, that fills a whole city block with more than a million new, used, and out of print books. Shop those shelves — plus literally millions more books, DVDs, and gifts — here at Powells.com.